| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The adb gadget driver used to reset the USB bus when the adbd daemon exited,
and the host side adb relied on this behavior to force it to reconnect
with the new adbd instance after init relaunches it. The new gadget
drivers no longer automatically reset the USB bus when adbd is restarted
which caused adb to hang since it was no longer forced to reconnect with the
device. We attempted to work around this on the host side adb, but that
work around has not been reliable.
This change adds a property trigger on the service.adb.root system property
which will reset the USB bus and restart the adbd daemon when adbd sets
the property to 1. This should be much closer to the previous behavior
and will hopefully fix some problems with automated testing.
Change-Id: I177c37400009a3d83f21a5f9431f94fd1cc19b9b
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
| | | |
| | | |
| | | |
| | | |
| | | | |
Change-Id: I68fcf167c9fc71bb5f44793648a35d3181fd36d7
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Reordered bootclasspath to allow verification of all framework methods.
git cherry-pick --no-commit ec164a0170955fe63106c2576a65bc4ffb1df425
Address CVE-2011-1090.
git cherry-pick --no-commit 3365288d3c00072689cd9d733e055561cadc87b5
Change-Id: I6a89bc600ced06a0cb84ae1670cb7a6ea39de9c8
|
|\ \ \ \
| | | | |
| | | | |
| | | | | |
default TrustManager (6 of 6)"
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
TrustManager (6 of 6)
frameworks/base
Adding IKeyChainService APIs for CertInstaller and Settings use
keystore/java/android/security/IKeyChainService.aidl
libcore
Improve exceptions to include more information
luni/src/main/java/javax/security/auth/x500/X500Principal.java
Move guts of RootKeyStoreSpi to TrustedCertificateStore, leaving only KeyStoreSpi methods.
Added support for adding user CAs in a separate directory for system.
Added support for removing system CAs by placing a copy in a sytem directory
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/RootKeyStoreSpi.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStore.java
Formerly static methods on RootKeyStoreSpi are now instance methods on TrustedCertificateStore
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
Added test for NativeCrypto.X509_NAME_hash_old and X509_NAME_hash
to make sure the implementing algorithms doe not change since
TrustedCertificateStore depend on X509_NAME_hash_old (OpenSSL
changed the algorithm from MD5 to SHA1 when moving from 0.9.8 to
1.0.0)
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
Extensive test of new TrustedCertificateStore behavior
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStoreTest.java
TestKeyStore improvements
- Refactored TestKeyStore to provide simpler createCA method (and
internal createCertificate)
- Cleaned up to remove use of BouncyCastle specific X509Principal
in the TestKeyStore API when the public X500Principal would do.
- Cleaned up TestKeyStore support methods to not throw Exception
to remove need for static blocks for catch clauses in tests.
support/src/test/java/libcore/java/security/TestKeyStore.java
luni/src/test/java/libcore/java/security/KeyStoreTest.java
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
Added private PKIXParameters contructor for use by
IndexedPKIXParameters to avoid wart of having to lookup and pass
a TrustAnchor to satisfy the super-class sanity check.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/IndexedPKIXParameters.java
luni/src/main/java/java/security/cert/PKIXParameters.java
packages/apps/CertInstaller
Change CertInstaller to call IKeyChainService.installCertificate
for CA certs to pass them to the KeyChainServiceTest which will
make them available to all apps through the
TrustedCertificateStore. Change PKCS12 extraction to use AsyncTask.
src/com/android/certinstaller/CertInstaller.java
Added installCaCertsToKeyChain and hasCaCerts accessor for use by
CertInstaller. Use hasUserCertificate() internally. Cleanup coding
style.
src/com/android/certinstaller/CredentialHelper.java
packages/apps/KeyChain
Added MANAGE_ACCOUNTS so that IKeyChainService.reset
implementation can remove KeyChain accounts.
AndroidManifest.xml
Implement new IKeyChainService methods:
- Added IKeyChainService.installCaCertificate to install certs
provided by CertInstaller using the TrustedCertificateStore.
- Added IKeyChainService.reset to allow Settings to remove the
KeyChain accounts so that any app granted access to keystore
credentials are revoked when the keystore is reset.
src/com/android/keychain/KeyChainService.java
packages/apps/Settings
Changed com.android.credentials.RESET credential reset action to
also call IKeyChainService.reset to remove any installed user CAs
and remove KeyChain accounts to have AccountManager revoke
credential granted to private keys removed during the RESET.
src/com/android/settings/CredentialStorage.java
Added toast text value for failure case
res/values/strings.xml
system/core
Have init create world readable /data/misc/keychain to allow apps
to access user added CA certificates installed by the CertInstaller.
rootdir/init.rc
Change-Id: I768ca8e8e990ff333ce0f7069a0935173498c5ed
|
|/ / /
| | |
| | |
| | | |
Change-Id: Ie8ad60047fc7160997100bd28a0abb439406806a
|
|\ \ \
| |/ /
|/| /
| |/ |
Change-Id: I159dd58c403bc38f9637163d8cd5e6270e4f201c
|
| |\
| | |
| | |
| | |
| | | |
* commit '52a64057b60b0ad242e95fdc285ec60e0191d5b5':
ueventd.rc: Move /dev/qemu_trace to ueventd.goldfish.rc
|
| | |
| | |
| | |
| | |
| | |
| | | |
+ Add /dev/qemu_pipe line for QEMU pipes.
Change-Id: If3c5c675bfc1585a1d6ffcd1042aaedbc2e94763
|
| | |
| | |
| | |
| | |
| | |
| | | |
ueventd.stingray.rc
Change-Id: Ie8a287620d22b5c1bdc459fb288b7403589ab474
|
| | |
| | |
| | |
| | | |
Change-Id: I90111567564397ca08e87dcfcbdf23337bf79ae6
|
| | |
| | |
| | |
| | | |
Change-Id: If9a325b9e716abe00f3ad6f20b012861308abd2d
|
|\ \ \
| | | |
| | | |
| | | | |
into honeycomb-mr1
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fix for bug 3415286. The persistent properties are normally read early
in the boot process after /data is mounted. However, for an encrypted
system, at that point /data is a tmpfs ramdisk. This change adds a new
command to init (load_persist_props) to read the persistent properties,
and adds an action to init.rc to load the persistent properties. This
action is triggered by setting a property in vold, but that's in a
different CL.
Change-Id: I74b3057974ee6029c29d956b76fef5566700d471
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is to allow OpenGL ES rendering from the system process,
and help with debugging.
Bug: 4086003
Change-Id: I732e95f4fcaa358f430cc195d8e63a69263bffdc
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
the SD card"
* commit '663268caac636e32b19173743594899e52df0830':
x86: Add vold.fstab to mount the SD card
|
| |\ \ \
| | |/ /
| | | |
| | | |
| | | | |
* commit 'fe111c83708dd3c8746b3a05d4b2f53c7a9f4477':
x86: Add vold.fstab to mount the SD card
|
| | |\ \
| | | |/
| | | |
| | | |
| | | | |
* commit 'e6b638be199a5f16f3eaff69710d92ea248d60a3':
x86: Add vold.fstab to mount the SD card
|
| | | |
| | | |
| | | |
| | | |
| | | | |
Change-Id: Ie1f70a22dd4e27e8ea956d5e627877d1e2379b95
Signed-off-by: Jun Nakajima <jun.nakajima@intel.com>
|
| | |\ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
functions DO NOT MERGE
* commit '126d4bc18c93f06016998cf6d014c6055c2d3a40':
Give system server permission to enable and disable USB functions DO NOT MERGE
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Change-Id: Ie43b6679838436ac004d0b5fa59d3d98cb5b0c76
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
| | |\ \ \
| | | |/ /
| | | | /
| | | |/
| | |/| |
* commit '642075b6f74faeca53d9449ec9b74d7c66fe7cdd':
Set USB group for /dev/usb_accessory DO NOT MERGE
|
| | | |
| | | |
| | | |
| | | |
| | | | |
Change-Id: I41264272ff6ce245cb2b8989ddee4a82059444a0
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This is a dependency for the DNS proxy CLs.
This CL also adds a new socket for the netd process to inherit which
is owned by the inet group. (so only apps with the INTERNET
permission can use the DNS proxy...)
Change-Id: I8a51924e0ed56c6066f77e6f1b02d39bdadac51e
|
|\ \ \ \ |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Fix for non-eMMC based devices to properly start the "on nonencrypted"
action.
Change-Id: I5d2966db352b02f1a1724fb105e1cefc46037e42
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Change-Id: I4af1f3fed857df2be96a640f65cd612577c957c7
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
|/ / / /
| | | |
| | | |
| | | |
| | | | |
Change-Id: I17db8d9bb1bf6336979e9b7bce62306d0d7a79d2
Signed-off-by: Mike Lockwood <lockwood@android.com>
|
|\ \ \ \ |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Bug: 3385161
Change-Id: I8bb91753c02c031c32ab0070dd424a6ac859311a
|
|\ \ \ \ \ |
|
| |/ / / /
| | | | |
| | | | |
| | | | | |
Change-Id: Ic299d328f2e04a65a9dce68909c7b83f3ac03b20
|
|\ \ \ \ \
| | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | | |
the system properties
* commit 'e442cff05ff9f083c91caa3bed74e37318a69fda':
Raise the viking killer min free values to match the system properties
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Change-Id: Idcbdb106d704ef63c9a44e635b6e995e0e5f6479
Signed-off-by: Rebecca Schultz Zavin <rebecca@android.com>
|
|\ \ \ \ \
| |/ / / /
| | / / /
| |/ / /
|/| | | |
* commit 'fee2cfb01165f6797d783c6a8c0b1fba4f591355':
Fix issue #3401380: Raise OOM killer limits
|
| | | |
| | | |
| | | |
| | | | |
Change-Id: Ia9c82e7d31b7f1b89bf9650ebea697d9b3a64506
|
|\ \ \ \ |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Change-Id: Ie3b20b487c1466737921567ab2d043e230356bf4
Note: safe to re-use the drmio uid/gid as no files were ever created.
|
|\ \ \ \ \
| | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | | |
daemon." into honeycomb
* commit '100511ffaa11b33a6856a434c62ad326a899f252':
goldfish: Work-around to start the RIL daemon.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This change forces the start of the RIL daemon used to provide
3G connectivity to the system. It should normally be started
automatically by init.rc but there is a bug within
system/core/init/builtins.c that prevents this to happen.
Fixes the "No network connectivity" bug while the network
interface and route were properly setup.
Change-Id: Ieec0f513aabf92b8a59f0a86f64a16e97057c3c3
|
|\ \ \ \ \
| |/ / / /
| | | | |
| | | | |
| | | | | |
* commit 'afa099a1909c02196574d125d735adb0c8918392':
Move rild to the late_start class
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Now that rild can be killed in a reasonable amount of time, move it
from the core class to late_start. I was going to move it to main,
but it would get killed and restarted right after the disk crypto
password was entered, which is when the late_start class is started,
and I was seeing issues with rild not re-connecting to the network
when it was killed and restarted.
Change-Id: I60479ddb853953029890fc816538d615ef5a96ab
|
|\ \ \ \ \
| |/ / / /
| | / / /
| |/ / /
|/| | | |
* commit '794fb914bef34c1c5f32764947801c95575ecd41':
rootdir: goldfish: Fix network route during emulation.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The net.eth0.gw system property is used by the ConnectivityService
to set the default route when it detects that 3G connectivity is
established. Because the property was undefined, the route was
unset which broke networking.
+ Format / document init.goldfish.sh
Change-Id: I1133cf6c093609300315cd0ea363c9e139b42521
|
| |\ \ \ |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This fixes the goldfish-specific config scripts used by init and ueventd
to properly setup the system under emulation. This fixes a lot of broken-ess
introduced by recent permission changes in the system.
Note that there are still several problems after this patch is applied, but
at least it becomes possible to get an adb connection to the emulated system,
Change-Id: Iff47bbf0fe5cb759fa93089284bb0f71e32405a2
|
|\ \ \ \ \
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
encrypt in place.
* commit '383b76f86af48d4a1a502d7767ab79f024483864':
Add a new trigger to support a progress bar UI for encrypt in place.
|
| |/ / /
| | | |
| | | |
| | | | |
Change-Id: I6a14eb43462505cb7fecfee9fd1ecdea50065963
|
| |\ \ \ |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Changes in init.stingray.rc now prevent rild from making sockets
or named pipes on /data. Now that rild no longer prevents /data
from being unmounted, we can put it in the core class, which doesn't
restart when we enable encryption. This speeds up the boot by 20+
seconds.
Change-Id: I737baf804e089f4ddbd664eaa1e675a7bd62e699
|